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IN THE CLAIMS 

Please cancel claims 50 5 61, and 72. 

Please amend claims 49, 51-56, 58, 59, 60, 62-67, 70-71, and 73-78 as indicated below. 
1-48 (Cancelled). 

49. (Currently Amended) A method of community separation control in a Multi-Community 
Node (MCN), said method comprising: 

ensuring routing table compliance with a community separation policy, wherein all 

routing table updates are validated to ensure said compliance; and 
validating a data packet; 

allowing further processing of said data packet in response to detecting said data packet is 
validated; and 

discarding said data packet in response to detecting said data packet is not validated; 
wherein said validating said updates comprises: 

determining a network interface through which a next hop corresponding to an 

update of said updates will be reached; 
determining whether a first address corresponding to said next hop is within a first 

address set of said network interface; 
discarding said update in response to determining said destination address is not 

within said first address set; and 
performing said update in response to determining said destination address is 

within said first address set . 

50. (Cancelled). 
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5 1 . (Currently Amended) The method of claim 50 49, wherein said network interface is said 
determined by either extracting an identification of said network interface from said update or 
by finding a network interface whose network address prefix matches that of said next hop. 

52. (Currently Amended) The method of claim 50 49, wherein said first address is a destination 
address and said first address set is an Attached Address Set. 

53. (Currently Amended) The method of claim 5© 49, wherein said first address is a Network 
Address Community Set (NACS) corresponding to a destination address of said next hop, 
and wherein said first address set is an Interface Community Set (IFCS) of said network 
interface. 

54. (Currently Amended) The method of claim 50 49, wherein said data packet is an outgoing 
data packet, and wherein validating said data packet comprises: 

determining said destination address is reachable; and 

determining a community set corresponding to an interface over which said data packet is 
to be output includes a community set corresponding to said destination address. 

55. (Currently Amended) The method of claim 50 49, wherein said data packet is an incoming 
data packet, and wherein validating said data packet comprises checking that a source address 
of said data packet is within an AAS Attached Address Set of the interface over which said 
data packet was received. 

56. (Currently Amended) The method of claim 50 49, wherein said data packet is received on a 
first interface of said MCN and is to be forwarded to a second interface of said MCN, and 
wherein validating said data packet comprises determining an intersection of an Interface 
Community Set (IFCS) of said first interface with an IFCS of said second interface is not 
null. 
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57. (Original) The method of claim 49 further comprising consulting a Community Information 
Base (CIB). 

58. (Currently Amended) The method of claim 57, wherein said CIB includes an IFCS 
corresponding to each interface of said MCN, and an AAS Attached Address Set 
corresponding to each interface of said MCN indicating destination addresses or destination 
subnets which are reachable through each of said interfaces. 

59. (Currently Amended) The method of claim SQ 49, further comprising recording an event 
corresponding to said update in response to determining said destination address is not within 
said first address set. 

60. (Currently Amended) A multi-community node comprising: 

a processing unit, wherein said processing unit is configured to ensure routing table 

compliance with a community separation policy, wherein all routing table updates 
are validated to ensure said compliance, validate a data packet, allow further 
processing of said data packet in response to detecting said data packet is 
validated, and discard said data packet in response to detecting said data packet is 
not validated; and 

a community information base (CIB) coupled to said processing unit; 
wherein in validating said updates said processing unit is configured to: 

determine a network interface through which a next hop corresponding to an 

update of said updates will be reached; 
determine whether a first address corresponding to said next hop is within a first 
address set of said network interface; 
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discard said update in response to determining said destination address is not 

within said first address set; and 
perform said update in response to determining said destination address is within 

said first address set. 

61. (Cancelled). 

62. (Currently Amended) The node of claim 6± 60, wherein said network interface is said 
determined by either extracting an identification of said network interface from said update or 
by finding a network interface whose network address prefix matches that of said next hop. 

63. (Currently Amended) The node of claim 6i 60, wherein said first address is a destination 
address and said first address set is an Attached Address Set. 

64. (Currently Amended) The node of claim 64- 60, wherein said first address is a Network 
Address Community Set (NACS) corresponding to a destination address of said next hop, 
and wherein said first address set is an Interface Community Set (IFCS) of said network 
interface. 

65. (Currently Amended) The node of claim 64- 60, wherein said data packet is an outgoing data 
packet, and wherein in validating said data packet said processing unit is configured to: 

determine said destination address is reachable; and 

determine a community set corresponding to an interface over which said data packet is to 
be output includes a community set corresponding to said destination address. 

66. (Currently Amended) The node of claim 6± 60, wherein said data packet is an incoming data 
packet, and wherein validating said data packet comprises checking that a source address of 
said data packet is within an AAS of the interface over which said data packet was received. 
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67. (Currently Amended) The node of claim 64- 60, wherein said data packet is received on a 
first interface of said MCN and is to be forwarded to a second interface of said MCN, and 
wherein validating said data packet comprises determining an intersection of an Interface 
Community Set (IFCS) of said first interface with an IFCS of said second interface is not 
null. 

68. (Original) The node of claim 60 further comprising consulting said CIB. 

69. (Original) The node of claim 68, wherein said CIB includes an IFCS corresponding to each 
interface of said MCN, and an AAS corresponding to each interface of said MCN indicating 
destination addresses or destination subnets which are reachable through each of said 
interfaces. 

70. (Currently Amended) The node of claim 64- 60, further comprising recording an event 
corresponding to said update in response to determining said destination address is not within 
said first address set. 

71. (Currently Amended) A computer network comprising: 

a multi-community node (MCN), wherein said node comprises: 

a processing unit, wherein said processing unit is configured to ensure routing 

table compliance with a community separation policy, wherein all routing 
table updates are validated to ensure said compliance, validate a data 
packet, allow further processing of said data packet in response to 
detecting said data packet is validated, and discard said data packet in 
response to detecting said data packet is not validated; and 

a community information base (CIB) coupled to said processing unit; 
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a first computer network coupled to said MCN; and 

a second computer network coupled to said MCN; 

wherein in validating said updates said node is configured to: 

determine a network interface through which a next hop corresponding to an 

update of said updates will be reached; 
determine whether a first address corresponding to said next hop is within a first 

address set of said network interface; 
discard said update in response to determining said destination address is not 

within said first address set; and 
perform said update in response to determining said destination address is within 

said first address set . 

72. (Cancelled). 

73. (Currently Amended) The computer network of claim 32 71, wherein said node is configured 
to determine said network interface by either extracting an identification of said network 
interface from said update or by finding a network interface whose network address prefix 
matches that of said next hop. 

74. (Currently Amended) The computer network of claim 72 71 , wherein said first address is a 
destination address and said first address set is an Attached Address Set. 

75. (Currently Amended) The computer network of claim 72 71, wherein said first address is a 
Network Address Community Set (NACS) corresponding to a destination address of said 
next hop, and wherein said first address set is an Interface Community Set (IFCS) of said 
network interface. 
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76. (Currently Amended) The computer network of claim 73 71, wherein said data packet is an 
outgoing data packet originating in said MCN, and wherein in validating said data packet said 
node is configured to: 

determine said destination address is reachable; and 

determine a community set corresponding to an interface over which said data packet is to 
be output includes a community set corresponding to said destination address. 

77. (Currently Amended) The computer network of claim 72 71 , wherein said data packet is an 
incoming data packet from said first computer network, and wherein validating said data 
packet comprises checking that a source address of said data packet is within an AAS of the 
interface over which said data packet was received. 

78. (Currently Amended) The computer network of claim 72 71, wherein said data packet is 
received on a first interface of said MCN and is to be forwarded to a second interface of said 
MCN, wherein said first interface corresponds to said first computer network and said second 
interface corresponds to said second computer network, and wherein in validating said data 
packet said node is configured to determine that an intersection of an Interface Community 
Set (IFCS) of said first interface with an IFCS of said second interface is not null. 

79. (Original) The computer network of claim 71, further comprising consulting said CIB. 

80. (Original) The computer network of claim 79, wherein said CIB includes an IFCS 
corresponding to each interface of said MCN, and an AAS corresponding to each interface of 
said MCN indicating destination addresses or destination subnets which are reachable 
through each of said interfaces. 
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8 1 . (Currently Amended) The computer network of claim 72 71, further comprising recording 
an event corresponding to said update in response to determining said destination address is 
not within said first address set. 
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